Trojaner-Board - Windows Recovery & Desktop Rettung

Hallo Coverflow,

danke. Ich habe alles durchgelesen und verstanden. Sodas wir zusammenarbeiten können.
p.s. wegen des chats bzw absprache, habe ich auch ICQ

Gruss Sandra

Gut, ich führe jetzt erstmal alles aus und melde mich gleich wieder mit allen Infos die du so brauchst

Okay, also hier die ersten Sachen:

zuerst Malwarebyte's, ich habe nur den quickscan gemacht. ich hoffe das ist okay

Code:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Datenbank Version: 6554

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

 

16.05.2011 11:15:13

mbam-log-2011-05-16 (11-15-13).txt

 

Art des Suchlaufs: Quick-Scan

Durchsuchte Objekte: 150332

Laufzeit: 2 Minute(n), 49 Sekunde(n)

 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 0

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 0

 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)

 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)

 

Infizierte Registrierungsschlüssel:

(Keine bösartigen Objekte gefunden)

 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)

 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)

 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)

 

Infizierte Dateien:

(Keine bösartigen Objekte gefunden)

Dann der OTL scan:

Code:

OTL logfile created on: 16.05.2011 11:14:47 - Run 1

OTL by OldTimer - Version 3.2.22.3     Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free

5,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 455,74 Gb Total Space | 430,22 Gb Free Space | 94,40% Space Free | Partition Type: NTFS

Drive D: | 10,00 Gb Total Space | 7,38 Gb Free Space | 73,80% Space Free | Partition Type: NTFS

 

Computer Name: HPWORKSTATION | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

PRC - C:\Programme\Gemeinsame Dateien\DATA BECKER Shared\DBService.exe (DATA BECKER GmbH & Co KG)

PRC - C:\Programme\Norton Internet Security\Engine\17.8.0.5\ccsvchst.exe (Symantec Corporation)

PRC - C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)

PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Programme\PDF Complete\pdfsvc.exe (PDF Complete Inc)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)

PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)

PRC - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)

PRC - C:\WINDOWS\SMINST\Scheduler.exe ()

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)

MOD - C:\Programme\Norton Internet Security\Engine\17.8.0.5\asoehook.dll (Symantec Corporation)

MOD - C:\Programme\Norton Internet Security\Engine\17.8.0.5\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation)

MOD - C:\Programme\Norton Internet Security\Engine\17.8.0.5\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (DBService) -- C:\Programme\Gemeinsame Dateien\DATA BECKER Shared\DBService.exe (DATA BECKER GmbH & Co KG)

SRV - (NIS) -- C:\Programme\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe (Symantec Corporation)

SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)

SRV - (WDDMService) -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)

SRV - (WDSmartWareBackgroundService) -- C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)

SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (RoxMediaDB10) -- C:\Programme\Gemeinsame Dateien\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions)

SRV - (pdfcDispatcher) -- C:\Programme\PDF Complete\pdfsvc.exe (PDF Complete Inc)

SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

SRV - (stllssvr) -- C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)

SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)

SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (IviRegMgr) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)

SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (BHDrvx86) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20110309.001\BHDrvx86.sys (Symantec Corporation)

DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)

DRV - (NAVEX15) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110319.003\NAVEX15.SYS (Symantec Corporation)

DRV - (NAVENG) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110319.003\NAVENG.SYS (Symantec Corporation)

DRV - (IDSxpx86) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20110317.002\IDSXpx86.sys (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\NIS\1108000.005\SYMTDI.SYS (Symantec Corporation)

DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1108000.005\Ironx86.SYS (Symantec Corporation)

DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1108000.005\SYMEFA.SYS (Symantec Corporation)

DRV - (SRTSP) -- C:\WINDOWS\System32\Drivers\NIS\1108000.005\SRTSP.SYS (Symantec Corporation)

DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\NIS\1108000.005\SRTSPX.SYS (Symantec Corporation)

DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)

DRV - (ccHP) -- C:\WINDOWS\system32\drivers\NIS\1108000.005\ccHPx86.sys (Symantec Corporation)

DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()

DRV - (urvpndrv) -- C:\WINDOWS\system32\drivers\covpndrv.sys (F5 Networks, Inc.)

DRV - (f5ipfw) -- C:\WINDOWS\system32\drivers\urfltw2k.sys (F5 Networks)

DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1108000.005\SYMDS.SYS (Symantec Corporation)

DRV - (WDC_SAM) -- C:\WINDOWS\system32\drivers\wdcsam.sys (Western Digital Technologies)

DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\ACEDRV11.sys (Protect Software GmbH)

DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)

DRV - (Blfp) -- C:\WINDOWS\system32\drivers\baspxp32.sys (Broadcom Corporation)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (iAimFP4) -- C:\WINDOWS\system32\drivers\wVchNTxx.sys (Intel(R) Corporation)

DRV - (iAimFP3) -- C:\WINDOWS\system32\drivers\wSiINTxx.sys (Intel(R) Corporation)

DRV - (iAimTV5) -- C:\WINDOWS\system32\drivers\wATV10nt.sys (Intel(R) Corporation)

DRV - (iAimTV4) -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys (Intel(R) Corporation)

DRV - (iAimTV6) -- C:\WINDOWS\system32\drivers\wATV06nt.sys (Intel(R) Corporation)

DRV - (iAimTV3) -- C:\WINDOWS\system32\drivers\wATV04nt.sys (Intel(R) Corporation)

DRV - (iAimTV1) -- C:\WINDOWS\system32\drivers\wATV02NT.sys (Intel(R) Corporation)

DRV - (iAimTV0) -- C:\WINDOWS\system32\drivers\wATV01nt.sys (Intel(R) Corporation)

DRV - (iAimFP7) -- C:\WINDOWS\system32\drivers\wADV09NT.sys (Intel(R) Corporation)

DRV - (iAimFP5) -- C:\WINDOWS\system32\drivers\wADV07nt.sys (Intel(R) Corporation)

DRV - (iAimFP6) -- C:\WINDOWS\system32\drivers\wADV08NT.sys (Intel(R) Corporation)

DRV - (i81x) -- C:\WINDOWS\system32\drivers\i81xnt5.sys (Intel(R) Corporation)

DRV - (iAimFP0) -- C:\WINDOWS\system32\drivers\wADV01nt.sys (Intel(R) Corporation)

DRV - (iAimFP1) -- C:\WINDOWS\system32\drivers\wADV02NT.sys (Intel(R) Corporation)

DRV - (iAimFP2) -- C:\WINDOWS\system32\drivers\wADV05NT.sys (Intel(R) Corporation)

DRV - (Symmpi) -- C:\WINDOWS\system32\DRIVERS\symmpi.sys (LSI Logic)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"

FF - prefs.js..browser.search.selectedEngine: "Facemoods Search"

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0

FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6

 

FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010.05.26 14:58:11 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010.03.19 15:45:25 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.05.09 17:58:23 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.05.09 17:58:23 | 000,000,000 | ---D | M]

 

[2009.02.24 08:42:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions

[2011.05.16 10:18:17 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\oprtnbda.default\extensions

[2011.04.15 12:14:24 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\oprtnbda.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}

[2009.11.29 13:54:19 | 000,002,059 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\oprtnbda.default\searchplugins\daemon-search.xml

[2011.05.16 10:18:17 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2010.03.19 15:45:25 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\COFFPLGN

[2010.05.26 14:58:11 | 000,000,000 | ---D | M] (Norton IPS) -- C:\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPLGN

[2009.11.29 13:29:11 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011.05.08 09:22:12 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml

[2011.05.08 09:22:12 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml

[2011.05.06 10:09:29 | 000,002,048 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrch.xml

[2011.05.08 09:22:12 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml

[2011.05.08 09:22:12 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml

[2011.05.08 09:22:12 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2011.05.13 13:48:54 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\17.8.0.5\ipsbho.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation)

O4 - HKLM..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [FRYMXINS] C:\Programme\ATI Technologies\Fire GL 3D Studio Max\atiimxgl.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [PDF Complete] C:\Programme\PDF Complete\pdfsty.exe (PDF Complete Inc)

O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()

O4 - HKLM..\Run: [Reminder] C:\WINDOWS\CREATOR\Remind_XP.exe ()

O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe ()

O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()

O4 - HKCU..\Run: [LightScribe Control Panel] C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKCU\..Trusted Domains: expert.de ([vpn] https in Vertrauenswürdige Sites)

O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} https://mgbdis05.sczn.de/vdesk/terminal/urxvpn.cab#version=6031,2009,1010,313 (F5 Networks VPN Manager)

O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} https://mgbdis05.sczn.de/vdesk/terminal/f5tunsrv.cab#version=6031,2009,1010,310 (F5 Networks Dynamic Application Tunnel Control)

O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} https://mgbdis05.sczn.de/vdesk/terminal/InstallerControl.cab#version=6031,2009,1010,0312 (F5 Networks Auto Update)

O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} https://vpn.expert.de/vdesk/terminal/urTermProxy.cab#version=6020,2007,1001,2136 (F5 Networks Static Application Tunnel Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0)

O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)

O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} https://mgbdis05.sczn.de/vdesk/terminal/urxshost.cab#version=6031,2009,1010,308 (F5 Networks SuperHost Class)

O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://mgbdis05.sczn.de/vdesk/terminal/urxhost.cab#version=6031,2009,1010,304 (F5 Networks Host Control)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\HPQ1920h.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\HPQ1920h.bmp

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.05.13 13:30:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\SQL9_KB960089_ENU

[2011.05.13 13:16:41 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2011.05.13 11:31:03 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2011.05.13 11:31:03 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2011.05.13 11:31:03 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2011.05.13 11:31:03 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2011.05.13 11:29:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2011.05.13 11:28:35 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011.05.11 09:26:20 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent

[2011.05.10 21:39:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes

[2011.05.10 21:39:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2011.05.10 21:39:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware

[2011.05.10 21:39:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2011.05.10 21:39:44 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2011.05.10 21:34:07 | 000,000,000 | ---D | C] -- C:\spoolerlogs

[2011.05.07 08:34:26 | 000,118,784 | ---- | C] (SoftThinks) -- C:\WINDOWS\System32\chg.exe

[2011.04.19 11:32:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Western_Digital

[2011.04.19 11:31:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Western Digital

[2011.04.19 11:31:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Western Digital

[2011.04.19 11:31:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\ServiceTest

[2011.04.19 11:30:56 | 000,011,520 | ---- | C] (Western Digital Technologies) -- C:\WINDOWS\System32\drivers\wdcsam.sys

[2011.04.19 11:30:45 | 000,000,000 | ---D | C] -- C:\Programme\Western Digital

[2011.04.19 11:30:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\WD SmartWare

[2011.04.19 11:26:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Western Digital

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.05.16 11:10:31 | 000,502,095 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\unhide.exe

[2011.05.16 11:02:05 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011.05.16 11:00:33 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011.05.16 11:00:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011.05.16 11:00:22 | 3740,622,848 | -HS- | M] () -- C:\hiberfil.sys

[2011.05.13 13:48:54 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2011.05.13 13:30:10 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011.05.13 13:16:46 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2011.05.13 11:13:32 | 000,317,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011.05.11 16:20:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011.05.11 09:10:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Aqorurivikikik.bin

[2011.05.11 09:09:35 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.05.10 21:24:21 | 000,000,120 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~19062564r

[2011.05.10 21:24:21 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~19062564

[2011.05.10 21:20:03 | 000,000,336 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\19062564

[2011.05.10 14:01:42 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Vsupusikun.dat

[2011.05.10 11:02:50 | 000,118,784 | ---- | M] (SoftThinks) -- C:\WINDOWS\System32\chg.exe

[2011.05.09 17:59:53 | 000,000,610 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\µTorrent.lnk

[2011.05.06 12:18:25 | 000,000,312 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\google.de.URL

[2011.05.06 10:10:57 | 000,004,096 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\000009DB.LCS

[2011.05.05 20:45:45 | 000,000,123 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\vpn.expert.de.url

[2011.05.05 13:41:02 | 000,001,584 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Mozilla Firefox.lnk

[2011.05.04 22:15:13 | 000,243,607 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\T-Online.url

[2011.05.04 19:15:52 | 000,000,818 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak

[2011.04.23 20:06:28 | 000,000,179 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Werbung.url

[2011.04.21 13:48:34 | 000,000,691 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\VIDEO.lnk

[2011.04.18 17:35:46 | 000,482,428 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2011.04.18 17:35:46 | 000,456,076 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011.04.18 17:35:46 | 000,101,640 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2011.04.18 17:35:46 | 000,082,030 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2011.05.16 11:11:02 | 000,502,095 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\unhide.exe

[2011.05.13 13:18:58 | 000,001,928 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton Internet Security.LNK

[2011.05.13 13:18:58 | 000,000,636 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Winamp.lnk

[2011.05.13 13:18:58 | 000,000,610 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\µTorrent.lnk

[2011.05.13 13:18:57 | 000,002,121 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk

[2011.05.13 13:18:57 | 000,001,830 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\HP Photosmart Essential 2.5.lnk

[2011.05.13 13:18:57 | 000,001,583 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\McAfee Security Scan Plus.lnk

[2011.05.13 13:18:56 | 000,002,085 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\2500 Rezepte.lnk

[2011.05.13 13:18:56 | 000,001,709 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader.lnk

[2011.05.13 13:16:45 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2011.05.13 13:16:43 | 000,262,448 | RHS- | C] () -- C:\cmldr

[2011.05.13 11:31:03 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2011.05.13 11:31:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2011.05.13 11:31:03 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2011.05.13 11:31:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2011.05.13 11:31:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2011.05.11 09:09:35 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.05.10 21:20:10 | 000,000,120 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~19062564r

[2011.05.10 21:20:10 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~19062564

[2011.05.10 21:20:03 | 000,000,336 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\19062564

[2011.05.10 14:01:42 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Vsupusikun.dat

[2011.05.10 14:01:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Aqorurivikikik.bin

[2011.05.05 13:41:02 | 000,001,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Mozilla Firefox.lnk

[2011.04.21 13:48:34 | 000,000,691 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\VIDEO.lnk

[2011.01.21 18:05:15 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

[2011.01.21 18:00:12 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini

[2010.07.28 22:38:16 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2009.11.29 14:04:41 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll

[2009.09.08 12:18:33 | 000,159,926 | ---- | C] () -- C:\WINDOWS\hpqins00.dat

[2009.02.24 08:42:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2009.02.16 09:35:27 | 000,030,720 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009.02.11 13:15:02 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2008.10.31 16:37:11 | 000,186,608 | ---- | C] () -- C:\WINDOWS\hpoins21.dat

[2008.10.31 16:37:11 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat

[2008.10.31 14:41:15 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe

[2008.10.31 14:25:00 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat

[2008.10.31 14:25:00 | 000,972,072 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat

[2008.10.31 14:24:57 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat

[2008.10.31 14:24:57 | 000,151,721 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2008.09.27 08:16:32 | 000,007,456 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2008.09.26 23:50:03 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2008.09.26 23:37:24 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2008.09.26 23:35:23 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2008.09.26 23:35:23 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2008.09.26 23:35:23 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2008.09.26 23:35:23 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2008.09.26 23:35:23 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2008.09.26 23:35:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2008.09.26 23:34:01 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2008.09.26 23:24:26 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

[2007.06.02 04:26:52 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe

[2007.06.02 04:25:36 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe

[2006.05.04 22:14:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2006.05.04 21:53:24 | 000,482,428 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat

[2006.05.04 21:53:24 | 000,456,076 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2006.05.04 21:53:24 | 000,101,640 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat

[2006.05.04 21:53:24 | 000,082,030 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2006.05.04 21:49:18 | 000,317,152 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2006.05.04 21:41:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2006.05.04 21:36:58 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2006.02.28 03:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2006.02.28 03:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2006.02.28 03:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat

[2006.02.28 03:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2006.02.28 03:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2006.02.28 03:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat

[2006.02.28 03:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2006.02.28 03:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2006.02.28 03:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2006.02.28 03:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2002.05.28 08:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2002.05.28 08:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

 

< End of report >

und hier der 2te EXTRA Text von OTL:

Code:

OTL Extras logfile created on: 16.05.2011 11:14:47 - Run 1

OTL by OldTimer - Version 3.2.22.3     Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free

5,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 455,74 Gb Total Space | 430,22 Gb Free Space | 94,40% Space Free | Partition Type: NTFS

Drive D: | 10,00 Gb Total Space | 7,38 Gb Free Space | 73,80% Space Free | Partition Type: NTFS

 

Computer Name: HPWORKSTATION | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler  -- ()

"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)

"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)

"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)

"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)

"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)

"C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software  1.12.37.1

"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status

"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)

"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data

"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox

"{1125D720-0EB1-28D1-F3F4-F28624F282FA}" = CCC Help Czech

"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1

"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService

"{1CCC411B-762A-6C34-5735-D6EB785781C2}" = CCC Help Korean

"{1D1D8ADC-BF08-4E61-9393-5FA305B16864}" = Microsoft SQL Server Native Client

"{1EF6844D-E327-3E98-B6A2-F1A156FEF1DC}" = Catalyst Control Center Localization German

"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools

"{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2

"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime

"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare

"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer

"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15

"{2C0B0D36-A383-9A1E-18AF-033281A2A4FB}" = CCC Help Danish

"{2D5F91BD-BB3D-4E8C-B29C-C5BC42E194F1}" = HP Performance Tuning Framework

"{30A2A953-DEB1-466A-B660-F4399C7C6B9D}" = Roxio MyDVD

"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0

"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{35748B06-FCFC-4700-8285-DAD41689E4FE}" = Broadcom TPM Driver Installer

"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant

"{3E9FF6B9-8F28-6475-BE08-0E64A5E8B30F}" = Catalyst Control Center Localization Chinese Traditional

"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION

"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = HP Backup and Recovery Manager

"{4342E39E-8FB6-64FC-62CA-8E832036DA62}" = CCC Help Polish

"{43B8CEFE-0882-7128-062C-4ABA06E14C35}" = Catalyst Control Center Localization Italian

"{45C0E9DD-EA94-BF2D-384F-A335EB612C95}" = CCC Help English

"{4C770A95-EC34-4A3D-32C8-3D4B1C1E42AE}" = Catalyst Control Center Localization Dutch

"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout

"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP1

"{4DCDE587-D209-1BD0-CCA1-D53EE0F973BA}" = Catalyst Control Center Localization Norwegian

"{4E4E5E09-919F-DD82-A970-D5EF939720D9}" = CCC Help Turkish

"{4F96DD04-F4F1-8E7D-DCBD-F261EE71B7DD}" = Catalyst Control Center Localization French

"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies

"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC

"{532EF44F-7000-9A75-4842-962EEF4C9C03}" = Catalyst Control Center Localization Thai

"{535E146A-E052-C9E5-AA18-8F42D32912E9}" = CCC Help Italian

"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business

"{5AA6FB47-F1A1-AC26-C225-55CC00F4CA84}" = CCC Help Swedish

"{5C759B74-34F4-43C6-A5D9-039CB754C5E9}" = Microsoft SQL Server VSS Writer

"{6377C927-FF2E-4CE1-B7B4-CB3DA66B2A70}" = ccc-core-preinstall

"{642A64D2-EDF9-205F-EE58-C24B474086C5}" = CCC Help French

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc

"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm

"{69333A04-5134-40A5-A055-9166A7AA1EC8}" = 

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone

"{6C5D4207-1D38-05BE-5E3B-11D30C9F51CC}" = Catalyst Control Center Localization Finnish

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{72F9095C-678E-3402-25F2-459A3D0E3FBC}" = Catalyst Control Center Localization Korean

"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio

"{784A9996-72D2-B803-6685-8613A07A49D6}" = CCC Help Hungarian

"{79959A2E-6CFA-84C3-3EE3-AA931A9B02DB}" = CCC Help Dutch

"{7C1C7AB0-09B7-C29B-12A6-EE003C90BD3E}" = Catalyst Control Center Localization Portuguese

"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan

"{808E5AB1-E98F-4362-AB10-B5B69CB2301C}" = HP Workstation User Guides

"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update

"{84B66673-B662-C3C9-1DE1-CC04623E0175}" = Skins

"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder

"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour

"{8A5DE4D2-2ADB-C2DE-243D-E01EE47A309D}" = Catalyst Control Center Localization Japanese

"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport

"{8AE50412-2B1D-F1F4-2AA2-E52F109FC156}" = ccc-utility

"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack

"{8D66A102-77ED-FD47-93B8-68579D3A8D22}" = Catalyst Control Center Localization Russian

"{8D6D0C29-BCE1-4757-B59D-B7956FB8418A}" = CCC Help Spanish

"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{909B62B0-8ACA-4061-A83B-09CAEF609619}" = MSXML 6.0 Parser

"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components

"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD

"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU

"{94274A84-35FA-0DD8-3FCD-78EBBEC5B4C8}" = CCC Help Chinese Traditional

"{9509667D-3CBF-D677-326A-0CFA9F3445F8}" = Catalyst Control Center Localization Danish

"{985C243E-499B-5A44-EE3F-139FA6C5429B}" = CCC Help Chinese Standard

"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp

"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel

"{A0D5066F-4573-878B-2497-5A59E5BA5AB7}" = Catalyst Control Center Core Implementation

"{A1C146AE-29F4-6FB7-C71A-4A0F721A52A7}" = Catalyst Control Center Localization Hungarian

"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter

"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components

"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support

"{AA1695AF-D31E-2F71-D944-E43BB2F240FD}" = CCC Help Japanese

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch

"{AD069108-D4DA-3732-9D31-0502BDAFAEDA}" = Catalyst Control Center Localization Greek

"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin

"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan

"{B0628675-DAE6-9352-27C6-1C02704BFF67}" = Catalyst Control Center Graphics Full New

"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc

"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1

"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy

"{B833C4A1-664F-6371-FAAE-F97544D8AB2B}" = Catalyst Control Center Localization Spanish

"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply

"{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext

"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5

"{C29CF050-0BDB-330E-935F-931B63289158}" = CCC Help Thai

"{C2EE6DF0-A967-B4F9-C388-03429BCD5851}" = Catalyst Control Center Localization Czech

"{C35E908E-A9D0-089A-E6B8-CF973AF07AEB}" = CCC Help German

"{C42B2DBA-AE7F-4BB5-2FAA-432274062957}" = CCC Help Norwegian

"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min

"{C5AEBFD6-3AF9-4784-81C2-F442C86AA096}" = FireGL driver for 3D Studio MAX/VIZ

"{c600ab3d-8b64-41df-bf36-b3d87ce0706b}" = C7200_Help

"{CA4798E5-83AC-C60C-4858-40351B958389}" = Catalyst Control Center Localization Turkish

"{CB223ED0-E4A6-0D46-CFD6-F9968F7098B1}" = Catalyst Control Center Localization Polish

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg

"{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software

"{CD0C7718-FA70-D0A6-96C8-6DB96990FD9D}" = CCC Help Greek

"{CE3B7F66-B760-9F05-7D45-C016884EBDF3}" = Catalyst Control Center Localization Chinese Standard

"{CECEB0FF-5C45-4b50-9A00-C596E36D88F4}" = C7200

"{D2022C48-E1DD-569A-BA13-85B1C1A31383}" = CCC Help Portuguese

"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch

"{D653CBF3-FEBA-E029-FFB0-A86E174A5241}" = Catalyst Control Center Localization Swedish

"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component

"{DB22958E-3993-CDB4-40E2-EE8F37EB3FDD}" = Catalyst Control Center Graphics Full Existing

"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1

"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01

"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0

"{E757155D-D0A9-E8F9-396F-0BFFF9EE20A0}" = CCC Help Russian

"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack

"{E86AA946-5CE2-4C21-B660-D2C186B6FDB3}" = Broadcom Management Programs

"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support

"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module

"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10

"{EE10169F-6E9F-59E0-7D43-54976962B1E0}" = CCC Help Finnish

"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax

"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager

"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy

"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes

"{FA996801-C07E-D3EF-8B7C-13A90D30E12D}" = ccc-core-static

"{FC406A49-51A8-992C-2F60-1E8B10C5319D}" = Catalyst Control Center Graphics Light

"2500 Rezepte_is1" = DATA BECKER 2500 Rezepte

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software

"ATI Display Driver" = ATI Display Driver

"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP1

"HP Imaging Device Functions" = HP Imaging Device Functions 10.0

"HP Photosmart Essential" = HP Photosmart Essential 2.5

"HP Smart Web Printing" = HP Smart Web Printing

"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0

"HPExtendedCapabilities" = HP Customer Participation Program 10.0

"HPOCR" = OCR Software by I.R.I.S. 10.0

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"McAfee Security Scan" = McAfee Security Scan Plus

"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1

"Microsoft SQL Server 2005" = Microsoft SQL Server 2005

"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Nero8Lite_is1" = Nero 8 Lite

"NIS" = Norton Internet Security

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"PDF Complete" = PDF Complete

"PROHYBRIDR" = 2007 Microsoft Office system

"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11

"Shop for HP Supplies" = Shop for HP Supplies

"VLC media player" = VLC media player 0.9.8a

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinRAR archiver" = WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 13.05.2011 07:28:53 | Computer Name = HPWORKSTATION | Source = .NET Runtime 2.0 Error Reporting | ID = 5000

Description = EventType clr20r3, P1 wdsmartwarebackgroundservice.exe, P2 2.0.0.1,

 P3 4a303b71, P4 mscorlib, P5 2.0.0.0, P6 471ebc5b, P7 5342, P8 61, P9 n51cffzwz1gffvslvrub5uxq1gvd0txu,

 P10 NIL.

 

Error - 13.05.2011 07:31:18 | Computer Name = HPWORKSTATION | Source = LoadPerf | ID = 3013

Description = Die Die Zeichenfolgen der Leistungsindikatoren der Sprachenkennung

 007 konnten nicht aktualisiert werden.  Der zurückgegebene Win32-Status ist das erste

 DWORD im Datenbereich.

 

Error - 13.05.2011 07:31:18 | Computer Name = HPWORKSTATION | Source = LoadPerf | ID = 3013

Description = Die Die Zeichenfolgen der Leistungsindikatoren der Sprachenkennung

 009 konnten nicht aktualisiert werden.  Der zurückgegebene Win32-Status ist das erste

 DWORD im Datenbereich.

 

Error - 13.05.2011 07:31:18 | Computer Name = HPWORKSTATION | Source = LoadPerf | ID = 3011

Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren

 für  Dienst MSSQL$MSSMLBIZ (SQL Server (MSSMLBIZ)). Der Fehlercode ist das erste 

DWORD im Datenbereich.

 

Error - 13.05.2011 07:35:20 | Computer Name = HPWORKSTATION | Source = PerfNet | ID = 2004

Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen

werden

 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.

 

Error - 13.05.2011 07:36:53 | Computer Name = HPWORKSTATION | Source = .NET Runtime 2.0 Error Reporting | ID = 5000

Description = EventType clr20r3, P1 wdsmartwarebackgroundservice.exe, P2 2.0.0.1,

 P3 4a303b71, P4 mscorlib, P5 2.0.0.0, P6 471ebc5b, P7 5342, P8 61, P9 n51cffzwz1gffvslvrub5uxq1gvd0txu,

 P10 NIL.

 

Error - 13.05.2011 07:50:03 | Computer Name = HPWORKSTATION | Source = .NET Runtime 2.0 Error Reporting | ID = 5000

Description = EventType clr20r3, P1 wdsmartwarebackgroundservice.exe, P2 2.0.0.1,

 P3 4a303b71, P4 mscorlib, P5 2.0.0.0, P6 471ebc5b, P7 5342, P8 61, P9 n51cffzwz1gffvslvrub5uxq1gvd0txu,

 P10 NIL.

 

Error - 16.05.2011 04:07:41 | Computer Name = HPWORKSTATION | Source = .NET Runtime 2.0 Error Reporting | ID = 5000

Description = EventType clr20r3, P1 wdsmartwarebackgroundservice.exe, P2 2.0.0.1,

 P3 4a303b71, P4 mscorlib, P5 2.0.0.0, P6 471ebc5b, P7 5342, P8 61, P9 n51cffzwz1gffvslvrub5uxq1gvd0txu,

 P10 NIL.

 

Error - 16.05.2011 05:00:33 | Computer Name = HPWORKSTATION | Source = PerfNet | ID = 2004

Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen

werden

 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.

 

Error - 16.05.2011 05:02:06 | Computer Name = HPWORKSTATION | Source = .NET Runtime 2.0 Error Reporting | ID = 5000

Description = EventType clr20r3, P1 wdsmartwarebackgroundservice.exe, P2 2.0.0.1,

 P3 4a303b71, P4 mscorlib, P5 2.0.0.0, P6 471ebc5b, P7 5342, P8 61, P9 n51cffzwz1gffvslvrub5uxq1gvd0txu,

 P10 NIL.

 

[ OSession Events ]

Error - 03.12.2008 17:38:07 | Computer Name = HPWORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 

Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session 

lasted 20 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 03.12.2008 17:38:32 | Computer Name = HPWORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 

Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session 

lasted 12 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 03.12.2008 17:39:26 | Computer Name = HPWORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 

Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session 

lasted 14 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 06.01.2009 13:25:31 | Computer Name = HPWORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 

Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session 

lasted 2540 seconds with 480 seconds of active time.  This session ended with a 

crash.

 

Error - 06.01.2009 13:25:52 | Computer Name = HPWORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 

Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session 

lasted 14 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 06.01.2009 13:26:24 | Computer Name = HPWORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 

Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session 

lasted 20 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 06.01.2009 13:26:45 | Computer Name = HPWORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 

Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session 

lasted 13 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 06.01.2009 13:27:14 | Computer Name = HPWORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 

Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session 

lasted 23 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 06.01.2009 14:17:27 | Computer Name = HPWORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 

Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session 

lasted 2978 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 06.01.2009 14:43:07 | Computer Name = HPWORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 

Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session 

lasted 1530 seconds with 0 seconds of active time.  This session ended with a crash.

 

[ System Events ]

Error - 13.05.2011 07:51:31 | Computer Name = HPWORKSTATION | Source = Service Control Manager | ID = 7022

Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß

 gestartet.

 

Error - 13.05.2011 07:51:32 | Computer Name = HPWORKSTATION | Source = Service Control Manager | ID = 7034

Description = Dienst "WD SmartWare Background Service" wurde unerwartet beendet.

 Dies ist bereits 1 Mal passiert.

 

Error - 13.05.2011 07:52:02 | Computer Name = HPWORKSTATION | Source = Service Control Manager | ID = 7011

Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung

 von Dienst NIS.

 

Error - 16.05.2011 04:07:08 | Computer Name = HPWORKSTATION | Source = Service Control Manager | ID = 7022

Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß

 gestartet.

 

Error - 16.05.2011 04:07:28 | Computer Name = HPWORKSTATION | Source = Windows Update Agent | ID = 16

Description = Verbindung nicht möglich: Es konnte keine Verbindung mit dem Dienst

 "Automatische Updates" hergestellt werden, daher können Updates nicht nach dem 

angegebenen Zeitplan heruntergeladen und installiert werden. Es wird weiterhin versucht,

 eine Verbindung herzustellen.

 

Error - 16.05.2011 04:07:40 | Computer Name = HPWORKSTATION | Source = Service Control Manager | ID = 7011

Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung

 von Dienst NIS.

 

Error - 16.05.2011 04:07:47 | Computer Name = HPWORKSTATION | Source = Service Control Manager | ID = 7034

Description = Dienst "WD SmartWare Background Service" wurde unerwartet beendet.

 Dies ist bereits 1 Mal passiert.

 

Error - 16.05.2011 05:02:03 | Computer Name = HPWORKSTATION | Source = Service Control Manager | ID = 7022

Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß

 gestartet.

 

Error - 16.05.2011 05:02:35 | Computer Name = HPWORKSTATION | Source = Service Control Manager | ID = 7011

Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung

 von Dienst NIS.

 

Error - 16.05.2011 05:02:35 | Computer Name = HPWORKSTATION | Source = Service Control Manager | ID = 7034

Description = Dienst "WD SmartWare Background Service" wurde unerwartet beendet.

 Dies ist bereits 1 Mal passiert.

 

 

< End of report >

und hier meine installierten Programme:

Code:

2007 Microsoft Office system    Microsoft Corporation    12.0.6215.1000

Activation Assistant for the 2007 Microsoft Office suites    Microsoft Corporation    

Adobe Flash Player 10 ActiveX    Adobe Systems Incorporated    10.1.53.64

Adobe Flash Player 10 Plugin    Adobe Systems Incorporated    10.1.53.64

Adobe Reader 9 - Deutsch    Adobe Systems Incorporated    9.0.0

Apple Mobile Device Support    Apple Inc.    2.1.2.7

Apple Software Update    Apple Inc.    2.1.1.116

ATI - Dienstprogramm zur Deinstallation der Software        6.14.10.1018

ATI Catalyst Control Center        2.007.0801.1705

ATI Display Driver        8.391.2.1.1-070801a1-051698C-HP

ATI HYDRAVISION        3.25.0006

Bonjour    Apple Inc.    1.0.105

Broadcom Management Programs    Broadcom Corporation    10.55.08

Broadcom TPM Driver Installer    Broadcom Corporation    8.05.04

Business Contact Manager für Outlook 2007 SP1    Microsoft Corporation    3.0.7311.0

CCleaner    Piriform    3.06

DATA BECKER 2500 Rezepte        

FireGL driver for 3D Studio MAX/VIZ        6.14.10.5015

High Definition Audio - KB888111    Microsoft Corporation    20040219.000000

HP Backup and Recovery Manager    Hewlett-Packard Company     2.4a

HP Customer Participation Program 10.0    HP    10.0

HP Help and Support    HPQ    4.4.0002

HP Imaging Device Functions 10.0    HP    10.0

HP Performance Tuning Framework    Hewlett-Packard    1.61.1500

HP Photosmart All-In-One Driver Software 10.0 Rel .2    HP    10.0

HP Photosmart Essential 2.5    HP    2.5

HP Smart Web Printing    HP    3.5

HP Solution Center 10.0    HP    10.0

HP Update    Hewlett-Packard    5.002.000.013

HP Workstation User Guides    Hewlett-Packard Company    1.03.0000

InterVideo WinDVD    InterVideo Inc.    5.0-B11.1238

iTunes    Apple Inc.    8.0.2.20

J2SE Runtime Environment 5.0    Sun Microsystems, Inc.    1.5.0

Java(TM) 6 Update 15    Sun Microsystems, Inc.    6.0.150

LightScribe System Software  1.12.37.1    LightScribe    1.12.37.1

Malwarebytes' Anti-Malware    Malwarebytes Corporation    

McAfee Security Scan Plus    McAfee, Inc.    2.0.181.2

Microsoft .NET Framework 1.1        

Microsoft .NET Framework 1.1 German Language Pack    Microsoft    1.1.4322

Microsoft .NET Framework 1.1 Hotfix (KB928366)        

Microsoft .NET Framework 2.0 Service Pack 1    Microsoft Corporation    2.1.21022

Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU    Microsoft Corporation    2.1.21022

Microsoft Compression Client Pack 1.0 for Windows XP    Microsoft Corporation    1

Microsoft Office 2003 Web Components    Microsoft Corporation    11.0.8003.0

Microsoft Office 2007 Primary Interop Assemblies    Microsoft Corporation    12.0.4518.1014

Microsoft Office Small Business Connectivity Components    Microsoft Corporation    2.0.7024.0

Microsoft SQL Server 2005    Microsoft Corporation    

Microsoft SQL Server Native Client    Microsoft Corporation    9.00.3042.00

Microsoft SQL Server VSS Writer    Microsoft Corporation    9.00.3042.00

Microsoft User-Mode Driver Framework Feature Pack 1.0    Microsoft Corporation    

Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    8.0.56336

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729    Microsoft Corporation    9.0.30729

Mozilla Firefox (3.6.17)    Mozilla    3.6.17 (de)

MSXML 4.0 SP2 (KB936181)    Microsoft Corporation    4.20.9848.0

MSXML 4.0 SP2 (KB954430)    Microsoft Corporation    4.20.9870.0

MSXML 6.0 Parser    Microsoft Corporation    6.10.1129.0

Nero 8 Lite    UpdatePack.nl    8.3.13.0

Norton Internet Security    Symantec Corporation    17.8.0.5

OCR Software by I.R.I.S. 10.0    HP    10.0

PDF Complete    PDF Complete, Inc.    3.5.31

ProtectDisc Driver, Version 11    ProtectDisc Software GmbH    11.0.0.10

QuickTime    Apple Inc.    7.60.92.0

Realtek High Definition Audio Driver    Realtek Semiconductor Corp.    5.10.0.5473

Roxio Creator Business    Roxio    10.1

Shop for HP Supplies    HP    10.0

Skype™ 5.0    Skype Technologies S.A.    5.0.152

Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)    Microsoft Corporation    9.00.3042.00

Update für Windows XP (KB943729)    Microsoft Corporation    

VLC media player 0.9.8a    VideoLAN Team    0.9.8a

WD SmartWare    Western Digital    1.2.0.8

Windows Genuine Advantage Validation Tool (KB892130)    Microsoft Corporation    

Windows Internet Explorer 7    Microsoft Corporation    20070813.185237

Windows Media Format 11 runtime        

Windows Media Player 11        

Windows XP Service Pack 3    Microsoft Corporation    20080414.031514

WinRAR

Ich hoffe du bekommst das hin,

liebste grüsse Sandra

Also der Desktop ist wieder da, den habe ich leider falsch eingestellt gehabt. Nur das problem, mit dem Start -> Alle Programme -> ist immer noch leer

und eben den anderen dingen noch.
ausserdem hat sich jetzt u.a. auch facemoods intsalliert, das ich nicht wegbekomme

So und hier jetzt noch der hjtscan

Code:

 

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

                        º                                    º 

                                    hjtscanlist v2.0              

                        º                                    º 

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
 

Microsoft Windows XP [Version 5.1.2600]

 

 

C:
 

        C:\hiberfil.sys ---------  

        C:\pagefile.sys ---------  

  16.05.2011 10:07      C:\System Volume Information --------- 0 

  13.05.2011 13:52      C:\Qoobox --------- 0 

  13.05.2011 13:52      C:\ComboFix.txt --------- 31870 

  13.05.2011 13:49      C:\WINDOWS --------- 0 

  13.05.2011 13:32      C:\Config.Msi --------- 0 

  13.05.2011 13:16      C:\boot.ini --------- 327 

  13.05.2011 13:16      C:\cmdcons --------- 0 

  13.05.2011 11:19      C:\Programme --------- 0 

  10.05.2011 21:34      C:\rkill.log --------- 624 

  10.05.2011 21:34      C:\spoolerlogs --------- 0 

  13.03.2009 12:38      C:\SWSetup --------- 0 

  02.03.2009 12:19      C:\speedportw701v.export --------- 124193 

  31.10.2008 23:09      C:\MSOCache --------- 0 

  31.10.2008 23:09      C:\i386 --------- 0 

  31.10.2008 23:09      C:\hp --------- 0 

  31.10.2008 23:09      C:\Dokumente und Einstellungen --------- 0 

  31.10.2008 23:09      C:\compaq --------- 0 

  31.10.2008 14:41      C:\ntldr --------- 251712 

  31.10.2008 14:20      C:\ProgramData --------- 0 

  31.10.2008 14:20      C:\Users --------- 0 

  31.10.2008 14:19      C:\SYSTEM.SAV --------- 0 

  31.10.2008 14:17      C:\Boot.bak --------- 211 

  26.09.2008 23:48      C:\RmDev.log --------- 51 

  28.02.2006 03:00      C:\bootfont.bin --------- 4952 

  28.02.2006 03:00      C:\ntdetect.com --------- 47564 

  03.08.2004 23:00      C:\cmldr --------- 262448 

----------------------------------------
 

 

C:\WINDOWS
 

  16.05.2011 11:01     C:\WINDOWS\WindowsUpdate.log --------- 1151590 

  16.05.2011 11:00     C:\WINDOWS\wiaservc.log --------- 50 

  16.05.2011 11:00     C:\WINDOWS\bootstat.dat --------- 2048 

  13.05.2011 19:04     C:\WINDOWS\SchedLgU.Txt --------- 32644 

  13.05.2011 13:49     C:\WINDOWS\system.ini --------- 227 

  13.05.2011 13:32     C:\WINDOWS\comsetup.log --------- 136087 

  13.05.2011 13:32     C:\WINDOWS\iis6.log --------- 438900 

  13.05.2011 13:32     C:\WINDOWS\tsoc.log --------- 178223 

  13.05.2011 13:32     C:\WINDOWS\imsins.log --------- 1374 

  13.05.2011 13:32     C:\WINDOWS\tabletoc.log --------- 19799 

  13.05.2011 13:32     C:\WINDOWS\KB960715.log --------- 12858 

  13.05.2011 13:32     C:\WINDOWS\ntdtcsetup.log --------- 80476 

  13.05.2011 13:32     C:\WINDOWS\ocmsn.log --------- 20882 

  13.05.2011 13:32     C:\WINDOWS\MedCtrOC.log --------- 27771 

  13.05.2011 13:32     C:\WINDOWS\ocgen.log --------- 188645 

  13.05.2011 13:32     C:\WINDOWS\netfxocm.log --------- 66361 

  13.05.2011 13:32     C:\WINDOWS\msgsocm.log --------- 18946 

  13.05.2011 13:32     C:\WINDOWS\FaxSetup.log --------- 376387 

  13.05.2011 13:32     C:\WINDOWS\msmqinst.log --------- 122618 

  13.05.2011 13:30     C:\WINDOWS\imsins.BAK --------- 1374 

  13.05.2011 13:30     C:\WINDOWS\KB961260-IE7.log --------- 18721 

  13.05.2011 13:30     C:\WINDOWS\updspapi.log --------- 140821 

  11.05.2011 09:10     C:\WINDOWS\Aqorurivikikik.bin --------- 0 

  10.05.2011 21:20     C:\WINDOWS\wiadebug.log --------- 275 

  10.05.2011 14:01     C:\WINDOWS\Vsupusikun.dat --------- 120 

  10.05.2011 13:59     C:\WINDOWS\srun.log --------- 12 

  10.05.2011 11:04     C:\WINDOWS\0.log --------- 0 

  19.04.2011 11:31     C:\WINDOWS\setupapi.log --------- 195644 

  18.03.2011 18:10     C:\WINDOWS\wmsetup.log --------- 36638 

  08.11.2010 01:20     C:\WINDOWS\MBR.exe --------- 89088 

  05.08.2010 11:04     C:\WINDOWS\NeroDigital.ini --------- 69 

  26.04.2010 15:58     C:\WINDOWS\PEV.exe --------- 256512 

  08.09.2009 12:22     C:\WINDOWS\hpqins00.dat --------- 159926 

  20.04.2009 12:56     C:\WINDOWS\NIRCMD.exe --------- 31232 

  24.02.2009 08:42     C:\WINDOWS\nsreg.dat --------- 0 

  24.02.2009 08:36     C:\WINDOWS\setupact.log --------- 215477 

  11.02.2009 13:14     C:\WINDOWS\setuplog.txt --------- 466 

  15.01.2009 00:13     C:\WINDOWS\KB958687.log --------- 7025 

  14.01.2009 00:42     C:\WINDOWS\KB951748.log --------- 14395 

  17.12.2008 22:59     C:\WINDOWS\KB960714-IE7.log --------- 7782 

  14.12.2008 01:15     C:\WINDOWS\KB955839.log --------- 32185 

  14.12.2008 01:15     C:\WINDOWS\KB958215-IE7.log --------- 19375 

  14.12.2008 01:13     C:\WINDOWS\KB952069.log --------- 11475 

  14.12.2008 01:13     C:\WINDOWS\KB954600.log --------- 7891 

  14.12.2008 01:13     C:\WINDOWS\KB956802.log --------- 13038 

  13.11.2008 17:21     C:\WINDOWS\KB954459.log --------- 165191 

  12.11.2008 20:21     C:\WINDOWS\KB957097.log --------- 158628 

  12.11.2008 20:21     C:\WINDOWS\KB955069.log --------- 158880 

  12.11.2008 20:21     C:\WINDOWS\msxml4-KB954430-enu.LOG --------- 315358 

  04.11.2008 18:58     C:\WINDOWS\win.ini --------- 617 

  04.11.2008 18:32     C:\WINDOWS\setupapi.log.0.old --------- 1045501 

  31.10.2008 16:49     C:\WINDOWS\hpoins21.dat --------- 186608 

  31.10.2008 16:11     C:\WINDOWS\KB939683.log --------- 6940 

  31.10.2008 16:11     C:\WINDOWS\KB938127-v2-IE7.log --------- 6736 

  31.10.2008 15:27     C:\WINDOWS\spupdsvc.log --------- 78743 

  31.10.2008 15:25     C:\WINDOWS\KB941569.log --------- 16945 

  31.10.2008 15:25     C:\WINDOWS\KB929399.log --------- 7213 

  31.10.2008 15:25     C:\WINDOWS\KB954154.log --------- 4170 

  31.10.2008 15:25     C:\WINDOWS\KB936782.log --------- 7189 

  31.10.2008 15:08     C:\WINDOWS\spupdsvc.log.1.log --------- 352 

  31.10.2008 15:06     C:\WINDOWS\KB958644.log --------- 40185 

  31.10.2008 15:06     C:\WINDOWS\KB956390.log --------- 28696 

  31.10.2008 15:06     C:\WINDOWS\KB957095.log --------- 39673 

  31.10.2008 15:06     C:\WINDOWS\KB956841.log --------- 40786 

  31.10.2008 15:06     C:\WINDOWS\KB956803.log --------- 39672 

  31.10.2008 15:06     C:\WINDOWS\KB956391.log --------- 39155 

  31.10.2008 15:06     C:\WINDOWS\KB954211.log --------- 39488 

  31.10.2008 15:04     C:\WINDOWS\KB943729.log --------- 36003 

  31.10.2008 15:04     C:\WINDOWS\WgaNotify.log --------- 37086 

  31.10.2008 15:04     C:\WINDOWS\KB938464.log --------- 33366 

  31.10.2008 15:04     C:\WINDOWS\KB952287.log --------- 35688 

  31.10.2008 15:04     C:\WINDOWS\KB951072-v2.log --------- 56957 

  31.10.2008 15:04     C:\WINDOWS\KB950974.log --------- 43867 

  31.10.2008 15:04     C:\WINDOWS\KB952954.log --------- 43245 

  31.10.2008 15:04     C:\WINDOWS\KB946648.log --------- 35680 

  31.10.2008 15:03     C:\WINDOWS\KB951066.log --------- 35442 

  31.10.2008 15:03     C:\WINDOWS\KB902344.log --------- 1191 

  31.10.2008 15:03     C:\WINDOWS\KB951978.log --------- 41905 

  31.10.2008 15:03     C:\WINDOWS\KB951698.log --------- 42654 

  31.10.2008 15:03     C:\WINDOWS\KB951376-v2.log --------- 35618 

  31.10.2008 15:03     C:\WINDOWS\msxml4-KB936181-enu.LOG --------- 290694 

  31.10.2008 15:03     C:\WINDOWS\KB923689.log --------- 36556 

  31.10.2008 15:03     C:\WINDOWS\KB950762.log --------- 35467 

  31.10.2008 15:03     C:\WINDOWS\ie7_main.log --------- 35608 

  31.10.2008 15:03     C:\WINDOWS\KB956390-IE7.log --------- 51143 

  31.10.2008 15:03     C:\WINDOWS\KB953838-IE7.log --------- 53643 

  31.10.2008 15:03     C:\WINDOWS\ie7.log --------- 42296 

  31.10.2008 15:02     C:\WINDOWS\IDNMitigationAPIs.log --------- 12382 

  31.10.2008 15:02     C:\WINDOWS\NLSDownlevelMapping.log --------- 10732 

  31.10.2008 15:02     C:\WINDOWS\KB915865.log --------- 4978 

  31.10.2008 15:00     C:\WINDOWS\MSCompPackV1.log --------- 6845 

  31.10.2008 15:00     C:\WINDOWS\wmp11.log --------- 19090 

  31.10.2008 15:00     C:\WINDOWS\wmsetup10.log --------- 2542 

  31.10.2008 14:59     C:\WINDOWS\WMFDist11.log --------- 28947 

  31.10.2008 14:59     C:\WINDOWS\Wudf01000Inst.log --------- 9979 

  31.10.2008 14:50     C:\WINDOWS\WMSysPr9.prx --------- 316640 

  31.10.2008 14:50     C:\WINDOWS\DtcInstall.log --------- 867 

  31.10.2008 14:49     C:\WINDOWS\OEWABLog.txt --------- 1519 

  31.10.2008 14:46     C:\WINDOWS\svcpack.log --------- 536076 

  31.10.2008 14:45     C:\WINDOWS\cmsetacl.log --------- 373 

  31.10.2008 14:45     C:\WINDOWS\sessmgr.setup.log --------- 3652 

  31.10.2008 14:35     C:\WINDOWS\KB898461.log --------- 6876 

  31.10.2008 14:35     C:\WINDOWS\KB892130.log --------- 6892 

  31.10.2008 14:13     C:\WINDOWS\regopt.log --------- 3822 

  26.09.2008 23:50     C:\WINDOWS\COM+.log --------- 1454 

  26.09.2008 23:50     C:\WINDOWS\smscfg.ini --------- 61 

  26.09.2008 23:47     C:\WINDOWS\Master.log --------- 21 

  26.09.2008 23:36     C:\WINDOWS\xpsp1hfm.log --------- 1487 

  26.09.2008 23:35     C:\WINDOWS\DirectX.log --------- 141858 

  26.09.2008 23:35     C:\WINDOWS\log.log --------- 188 

  26.09.2008 23:33     C:\WINDOWS\HideWin.exe --------- 315392 

  26.09.2008 23:30     C:\WINDOWS\KB890859.log --------- 9118 

  26.09.2008 23:30     C:\WINDOWS\KB888111.log --------- 7505 

  26.09.2008 23:29     C:\WINDOWS\KB815304.log --------- 5910 

  26.09.2008 23:29     C:\WINDOWS\REGLOCS.OLD --------- 8192 

  26.09.2008 23:28     C:\WINDOWS\KB893803v2.log --------- 14666 

  26.09.2008 23:28     C:\WINDOWS\KB909095.log --------- 6751 

  26.09.2008 23:28     C:\WINDOWS\KB896358.log --------- 8246 

  26.09.2008 23:28     C:\WINDOWS\KB885222.log --------- 6334 

  26.09.2008 23:28     C:\WINDOWS\KB885270.log --------- 5469 

  26.09.2008 23:28     C:\WINDOWS\KB889673.log --------- 5927 

  14.04.2008 04:23     C:\WINDOWS\winhlp32.exe --------- 288768 

  14.04.2008 04:23     C:\WINDOWS\slrundll.exe --------- 32866 

  14.04.2008 04:22     C:\WINDOWS\regedit.exe --------- 153600 

  14.04.2008 04:22     C:\WINDOWS\notepad.exe --------- 70144 

  14.04.2008 04:22     C:\WINDOWS\hh.exe --------- 10752 

  14.04.2008 04:22     C:\WINDOWS\explorer.exe --------- 1036800 

  14.04.2008 04:22     C:\WINDOWS\twain_32.dll --------- 50688 

  13.02.2008 11:18     C:\WINDOWS\hpomdl21.dat --------- 7262 

  27.11.2007 08:43     C:\WINDOWS\WMPrfDeu.prx --------- 33820 

  31.10.2007 15:45     C:\WINDOWS\Twunk_32.dll --------- 12288 

  31.10.2007 15:45     C:\WINDOWS\Twunk_16.dll --------- 12288 

  20.08.2007 16:38     C:\WINDOWS\RTHDCPL.exe --------- 16384512 

  03.08.2007 14:22     C:\WINDOWS\SkyTel.exe --------- 1826816 

  26.07.2007 19:06     C:\WINDOWS\RtlUpd.exe --------- 1191936 

  26.07.2007 18:09     C:\WINDOWS\RtlExUpd.dll --------- 520192 

  28.06.2007 17:44     C:\WINDOWS\MicCal.exe --------- 2165760 

  03.05.2007 19:52     C:\WINDOWS\atiogl.xml --------- 11557 

  23.03.2007 20:19     C:\WINDOWS\RTLCPL.exe --------- 9715200 

  28.12.2006 21:01     C:\WINDOWS\002586_.tmp --------- 19569 

  28.07.2006 18:47     C:\WINDOWS\HPQ800h.bmp --------- 1440056 

  28.07.2006 18:47     C:\WINDOWS\HPQ1024h.bmp --------- 2359352 

  28.07.2006 18:46     C:\WINDOWS\HPQ1600h.bmp --------- 5760056 

  28.07.2006 18:46     C:\WINDOWS\HPQ1920h.bmp --------- 6912056 

  28.07.2006 18:46     C:\WINDOWS\HPQ640h.bmp --------- 921656 

  21.07.2006 17:14     C:\WINDOWS\SoundMan.exe --------- 86016 

  04.05.2006 22:32     C:\WINDOWS\Sti_Trace.log --------- 0 

  04.05.2006 21:43     C:\WINDOWS\setuperr.log --------- 62 

  04.05.2006 21:42     C:\WINDOWS\KB911164.log --------- 6642 

  04.05.2006 21:42     C:\WINDOWS\control.ini --------- 0 

  04.05.2006 21:41     C:\WINDOWS\ODBCINST.INI --------- 4161 

  04.05.2006 21:39     C:\WINDOWS\WindowsShell.Manifest --------- 749 

  04.05.2006 21:36     C:\WINDOWS\vbaddin.ini --------- 37 

  04.05.2006 21:36     C:\WINDOWS\vb.ini --------- 36 

  04.05.2006 17:26     C:\WINDOWS\alcwzrd.exe --------- 2808832 

  28.02.2006 03:00     C:\WINDOWS\Blaue Spitzen 16.bmp --------- 1272 

  28.02.2006 03:00     C:\WINDOWS\explorer.scf --------- 80 

  28.02.2006 03:00     C:\WINDOWS\desktop.ini --------- 2 

  28.02.2006 03:00     C:\WINDOWS\Feder.bmp --------- 16730 

  28.02.2006 03:00     C:\WINDOWS\twunk_16.exe --------- 49680 

  28.02.2006 03:00     C:\WINDOWS\TASKMAN.EXE --------- 15872 

  28.02.2006 03:00     C:\WINDOWS\twunk_32.exe --------- 25600 

  28.02.2006 03:00     C:\WINDOWS\Seifenblase.bmp --------- 65978 

  28.02.2006 03:00     C:\WINDOWS\Zapotek.bmp --------- 9522 

  28.02.2006 03:00     C:\WINDOWS\clock.avi --------- 82944 

  28.02.2006 03:00     C:\WINDOWS\vmmreg32.dll --------- 18944 

  28.02.2006 03:00     C:\WINDOWS\Angler.bmp --------- 17336 

  28.02.2006 03:00     C:\WINDOWS\Präriewind.bmp --------- 65954 

  28.02.2006 03:00     C:\WINDOWS\msdfmap.ini --------- 1405 

  28.02.2006 03:00     C:\WINDOWS\Santa Fe-Stuck.bmp --------- 65832 

  28.02.2006 03:00     C:\WINDOWS\Granit.bmp --------- 26582 

  28.02.2006 03:00     C:\WINDOWS\Fächer.bmp --------- 26680 

  28.02.2006 03:00     C:\WINDOWS\Rhododendron.bmp --------- 17362 

  28.02.2006 03:00     C:\WINDOWS\winhelp.exe --------- 257568 

  28.02.2006 03:00     C:\WINDOWS\Kaffeetasse.bmp --------- 17062 

  28.02.2006 03:00     C:\WINDOWS\winnt.bmp --------- 48680 

  28.02.2006 03:00     C:\WINDOWS\winnt256.bmp --------- 48680 

  28.02.2006 03:00     C:\WINDOWS\twain.dll --------- 94800 

  28.02.2006 03:00     C:\WINDOWS\_default.pif --------- 707 

  03.05.2005 19:43     C:\WINDOWS\Alcmtr.exe --------- 69632 

  25.05.2004 12:04     C:\WINDOWS\logoffper2.reg --------- 192 

  25.05.2004 12:04     C:\WINDOWS\logonper2.reg --------- 278 

  31.08.2000 08:00     C:\WINDOWS\sed.exe --------- 98816 

  31.08.2000 08:00     C:\WINDOWS\SWXCACLS.exe --------- 212480 

  31.08.2000 08:00     C:\WINDOWS\SWSC.exe --------- 136704 

  31.08.2000 08:00     C:\WINDOWS\SWREG.exe --------- 161792 

  31.08.2000 08:00     C:\WINDOWS\zip.exe --------- 68096 

  31.08.2000 08:00     C:\WINDOWS\grep.exe --------- 80412 

----------------------------------------
 

 

C:\WINDOWS\System
 

 14.04.2008 04:23    C:\WINDOWS\System\winspool.drv --------- 146944 

 28.02.2006 03:00    C:\WINDOWS\System\AVIFILE.DLL --------- 109504 

 28.02.2006 03:00    C:\WINDOWS\System\COMMDLG.DLL --------- 33744 

 28.02.2006 03:00    C:\WINDOWS\System\KEYBOARD.DRV --------- 2000 

 28.02.2006 03:00    C:\WINDOWS\System\LZEXPAND.DLL --------- 9936 

 28.02.2006 03:00    C:\WINDOWS\System\MCIAVI.DRV --------- 73760 

 28.02.2006 03:00    C:\WINDOWS\System\MCISEQ.DRV --------- 25296 

 28.02.2006 03:00    C:\WINDOWS\System\MCIWAVE.DRV --------- 28160 

 28.02.2006 03:00    C:\WINDOWS\System\MMSYSTEM.DLL --------- 69632 

 28.02.2006 03:00    C:\WINDOWS\System\MMTASK.TSK --------- 1152 

 28.02.2006 03:00    C:\WINDOWS\System\MOUSE.DRV --------- 2032 

 28.02.2006 03:00    C:\WINDOWS\System\AVICAP.DLL --------- 70368 

 28.02.2006 03:00    C:\WINDOWS\System\OLECLI.DLL --------- 82944 

 28.02.2006 03:00    C:\WINDOWS\System\OLESVR.DLL --------- 24064 

 28.02.2006 03:00    C:\WINDOWS\System\setup.inf --------- 59167 

 28.02.2006 03:00    C:\WINDOWS\System\SHELL.DLL --------- 5120 

 28.02.2006 03:00    C:\WINDOWS\System\SOUND.DRV --------- 1744 

 28.02.2006 03:00    C:\WINDOWS\System\stdole.tlb --------- 5532 

 28.02.2006 03:00    C:\WINDOWS\System\SYSTEM.DRV --------- 3360 

 28.02.2006 03:00    C:\WINDOWS\System\TAPI.DLL --------- 19200 

 28.02.2006 03:00    C:\WINDOWS\System\TIMER.DRV --------- 4048 

 28.02.2006 03:00    C:\WINDOWS\System\VER.DLL --------- 9200 

 28.02.2006 03:00    C:\WINDOWS\System\VGA.DRV --------- 2176 

 28.02.2006 03:00    C:\WINDOWS\System\WFWNET.DRV --------- 13600 

 28.02.2006 03:00    C:\WINDOWS\System\MSVIDEO.DLL --------- 127104 

----------------------------------------
 

 

C:\WINDOWS\System32
 

 16.05.2011 11:02     C:\WINDOWS\system32\wpa.dbl --------- 1158 

 16.05.2011 11:00     C:\WINDOWS\system32\d3d9caps.dat --------- 1324 

 13.05.2011 13:52     C:\WINDOWS\system32\drivers --------- 0 

 13.05.2011 13:49     C:\WINDOWS\system32\CatRoot2 --------- 0 

 13.05.2011 13:30     C:\WINDOWS\system32\dllcache --------- 0 

 13.05.2011 13:25     C:\WINDOWS\system32\config --------- 0 

 13.05.2011 11:13     C:\WINDOWS\system32\FNTCACHE.DAT --------- 317152 

 10.05.2011 11:02     C:\WINDOWS\system32\chg.exe --------- 118784 

 19.04.2011 11:30     C:\WINDOWS\system32\DRVSTORE --------- 0 

 18.04.2011 17:35     C:\WINDOWS\system32\perfc009.dat --------- 82030 

 18.04.2011 17:35     C:\WINDOWS\system32\perfh009.dat --------- 456076 

 18.04.2011 17:35     C:\WINDOWS\system32\perfh007.dat --------- 482428 

 18.04.2011 17:35     C:\WINDOWS\system32\perfc007.dat --------- 101640 

 18.04.2011 17:35     C:\WINDOWS\system32\PerfStringBackup.INI --------- 1136764 

 20.03.2011 17:37     C:\WINDOWS\system32\TEST.log --------- 136611 

 20.03.2011 17:37     C:\WINDOWS\system32\SENT.log --------- 10034 

 20.03.2011 17:37     C:\WINDOWS\system32\RECV.log --------- 21749 

 28.07.2010 22:38     C:\WINDOWS\system32\ezsidmv.dat --------- 56 

 15.04.2010 12:01     C:\WINDOWS\system32\ReinstallBackups --------- 0 

 19.03.2010 15:41     C:\WINDOWS\system32\S32EVNT1.DLL --------- 60808 

 29.11.2009 14:04     C:\WINDOWS\system32\CmdLineExt03.dll --------- 43520 

 29.11.2009 13:29     C:\WINDOWS\system32\javaw.exe --------- 145184 

 29.11.2009 13:29     C:\WINDOWS\system32\javacpl.cpl --------- 73728 

 29.11.2009 13:29     C:\WINDOWS\system32\javaws.exe --------- 149280 

 29.11.2009 13:29     C:\WINDOWS\system32\java.exe --------- 145184 

 29.11.2009 13:29     C:\WINDOWS\system32\deploytk.dll --------- 411368 

 02.03.2009 11:26     C:\WINDOWS\system32\Restore --------- 0 

 26.02.2009 22:25     C:\WINDOWS\system32\6ff814a4-.txt --------- 0 

 16.01.2009 22:01     C:\WINDOWS\system32\mshtml.dll --------- 3594752 

 10.01.2009 03:35     C:\WINDOWS\system32\MRT.exe --------- 20853704 

 05.01.2009 17:18     C:\WINDOWS\system32\QuickTimeVR.qtx --------- 90112 

 05.01.2009 17:18     C:\WINDOWS\system32\QuickTime.qts --------- 57344 

 21.12.2008 00:31     C:\WINDOWS\system32\wininet.dll --------- 826368 

 21.12.2008 00:31     C:\WINDOWS\system32\webcheck.dll --------- 233472 

 21.12.2008 00:31     C:\WINDOWS\system32\urlmon.dll --------- 1160192 

 21.12.2008 00:31     C:\WINDOWS\system32\url.dll --------- 105984 

 21.12.2008 00:31     C:\WINDOWS\system32\pngfilt.dll --------- 44544 

 21.12.2008 00:31     C:\WINDOWS\system32\occache.dll --------- 102912 

 21.12.2008 00:31     C:\WINDOWS\system32\mstime.dll --------- 671232 

 21.12.2008 00:31     C:\WINDOWS\system32\mshtmled.dll --------- 477696 

 21.12.2008 00:31     C:\WINDOWS\system32\msrating.dll --------- 193024 

 21.12.2008 00:31     C:\WINDOWS\system32\msfeeds.dll --------- 459264 

 21.12.2008 00:31     C:\WINDOWS\system32\msfeedsbs.dll --------- 52224 

 21.12.2008 00:30     C:\WINDOWS\system32\inetcpl.cpl --------- 1831424 

 21.12.2008 00:30     C:\WINDOWS\system32\jsproxy.dll --------- 27648 

 21.12.2008 00:30     C:\WINDOWS\system32\iertutil.dll --------- 267776 

 21.12.2008 00:30     C:\WINDOWS\system32\iernonce.dll --------- 44544 

 21.12.2008 00:30     C:\WINDOWS\system32\ieframe.dll --------- 6066688 

 21.12.2008 00:30     C:\WINDOWS\system32\iedkcs32.dll --------- 384512 

 21.12.2008 00:30     C:\WINDOWS\system32\ieapfltr.dll --------- 383488 

 21.12.2008 00:30     C:\WINDOWS\system32\ieaksie.dll --------- 230400 

 21.12.2008 00:30     C:\WINDOWS\system32\ieakeng.dll --------- 153088 

 21.12.2008 00:30     C:\WINDOWS\system32\extmgr.dll --------- 133120 

 21.12.2008 00:30     C:\WINDOWS\system32\icardie.dll --------- 63488 

 21.12.2008 00:30     C:\WINDOWS\system32\dxtrans.dll --------- 214528 

 21.12.2008 00:30     C:\WINDOWS\system32\dxtmsft.dll --------- 347136 

 21.12.2008 00:30     C:\WINDOWS\system32\advpack.dll --------- 124928 

 19.12.2008 11:10     C:\WINDOWS\system32\ieudinit.exe --------- 13824 

 19.12.2008 11:09     C:\WINDOWS\system32\ie4uinit.exe --------- 70656 

 19.12.2008 07:23     C:\WINDOWS\system32\ieakui.dll --------- 161792 

 14.12.2008 01:15     C:\WINDOWS\system32\TZLog.log --------- 435586 

 11.11.2008 14:16     C:\WINDOWS\system32\wbem --------- 0 

 02.11.2008 09:54     C:\WINDOWS\system32\mapisvc.inf --------- 423 

 31.10.2008 23:09     C:\WINDOWS\system32\xircom --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\wins --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\URTTemp --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\spool --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\ShellExt --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\RTCOM --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\ras --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\mui --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\MsDtc --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\Microsoft --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\Macromed --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\icsxml --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\IME --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\ias --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\export --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\DirectX --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\dhcp --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\1042 --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\1037 --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\1033 --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\3com_dmi --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\3076 --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\2052 --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\1041 --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\1054 --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\1031 --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\1028 --------- 0 

 31.10.2008 23:09     C:\WINDOWS\system32\1025 --------- 0 

 31.10.2008 16:30     C:\WINDOWS\system32\appmgmt --------- 0 

 31.10.2008 15:25     C:\WINDOWS\system32\CatRoot --------- 0 

 31.10.2008 15:03     C:\WINDOWS\system32\de-DE --------- 0 

 31.10.2008 15:00     C:\WINDOWS\system32\amcompat.tlb --------- 16832 

 31.10.2008 15:00     C:\WINDOWS\system32\nscompat.tlb --------- 23392 

 31.10.2008 14:59     C:\WINDOWS\system32\LogFiles --------- 0 

 31.10.2008 14:49     C:\WINDOWS\system32\spupdwxp.log --------- 90 

 31.10.2008 14:49     C:\WINDOWS\system32\Setup --------- 0 

 31.10.2008 14:45     C:\WINDOWS\system32\inetsrv --------- 0 

----------------------------------------
 

 

C:\WINDOWS\Prefetch
 

 16.05.2011 11:21     C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf --------- 13440 

 16.05.2011 11:21     C:\WINDOWS\Prefetch\TASKLIST.EXE-0A3DC10B.pf --------- 23782 

 16.05.2011 11:21     C:\WINDOWS\Prefetch\WINRAR.EXE-3588DFE8.pf --------- 70946 

 16.05.2011 11:21     C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf --------- 18118 

 16.05.2011 11:20     C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf --------- 59092 

 16.05.2011 11:20     C:\WINDOWS\Prefetch\TASKLIST.EXE-2BDC632C.pf --------- 26076 

 16.05.2011 11:15     C:\WINDOWS\Prefetch\NOTEPAD.EXE-189578DA.pf --------- 18856 

 16.05.2011 11:15     C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf --------- 17482 

 16.05.2011 11:15     C:\WINDOWS\Prefetch\HPSWP_CLIPBOOK.EXE-0BDDDA0A.pf --------- 16250 

 16.05.2011 11:15     C:\WINDOWS\Prefetch\IEXPLORE.EXE-2CA9778D.pf --------- 87308 

 16.05.2011 11:14     C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf --------- 107280 

 16.05.2011 11:14     C:\WINDOWS\Prefetch\WSCRIPT.EXE-32960AB9.pf --------- 54102 

 16.05.2011 11:14     C:\WINDOWS\Prefetch\ATTRIB.EXE-39EAFB02.pf --------- 25848 

 16.05.2011 11:13     C:\WINDOWS\Prefetch\OTL.EXE-0EBE9F22.pf --------- 61316 

 16.05.2011 11:12     C:\WINDOWS\Prefetch\MBAM.EXE-11D8BBD8.pf --------- 63392 

 16.05.2011 11:11     C:\WINDOWS\Prefetch\UNHIDE.EXE-20E5E444.pf --------- 28344 

 16.05.2011 11:11     C:\WINDOWS\Prefetch\PEV.EXE-307DB2E2.pf --------- 8724 

 16.05.2011 11:11     C:\WINDOWS\Prefetch\UNHIDE.EXE-0333D941.pf --------- 28090 

 16.05.2011 11:10     C:\WINDOWS\Prefetch\JQSNOTIFY.EXE-1E60A522.pf --------- 7322 

 16.05.2011 11:05     C:\WINDOWS\Prefetch\CLTLMH.EXE-048EA134.pf --------- 87484 

 16.05.2011 11:05     C:\WINDOWS\Prefetch\DATA BECKER UPDATE SERVICE.EX-1FF94310.pf --------- 23090 

 16.05.2011 11:04     C:\WINDOWS\Prefetch\PLUGIN-CONTAINER.EXE-170C935C.pf --------- 57140 

 16.05.2011 11:04     C:\WINDOWS\Prefetch\FIREFOX.EXE-1D57670A.pf --------- 95720 

 16.05.2011 11:02     C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf --------- 58566 

 16.05.2011 11:02     C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf --------- 45286 

 16.05.2011 11:02     C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf --------- 69046 

 16.05.2011 11:02     C:\WINDOWS\Prefetch\IPODSERVICE.EXE-233792DA.pf --------- 58882 

 16.05.2011 11:01     C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf --------- 31244 

 16.05.2011 11:01     C:\WINDOWS\Prefetch\CVTRES.EXE-2329DCD5.pf --------- 9472 

 16.05.2011 11:01     C:\WINDOWS\Prefetch\CSC.EXE-01730C27.pf --------- 31750 

 16.05.2011 11:01     C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 1435438 

 16.05.2011 10:58     C:\WINDOWS\Prefetch\DBSERVICE.EXE-255FB49B.pf --------- 8806 

 16.05.2011 10:42     C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf --------- 78514 

 16.05.2011 10:40     C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf --------- 33956 

 16.05.2011 10:40     C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf --------- 15044 

 16.05.2011 10:40     C:\WINDOWS\Prefetch\Layout.ini --------- 274164 

 16.05.2011 10:36     C:\WINDOWS\Prefetch\ASOELNCH.EXE-36FE8CA5.pf --------- 20560 

 16.05.2011 10:35     C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf --------- 11282 

 16.05.2011 10:10     C:\WINDOWS\Prefetch\HPRBUPDATE.EXE-06271174.pf --------- 29542 

 16.05.2011 10:09     C:\WINDOWS\Prefetch\DW20.EXE-005BA42F.pf --------- 24794 

 16.05.2011 10:08     C:\WINDOWS\Prefetch\RUNDLL32.EXE-13404D23.pf --------- 61064 

 16.05.2011 10:07     C:\WINDOWS\Prefetch\DWTRIG20.EXE-2A052F11.pf --------- 15444 

 13.05.2011 19:04     C:\WINDOWS\Prefetch\WINDOWS-KB890830-V2.7-DELTA.E-034302DE.pf --------- 18728 

 13.05.2011 19:04     C:\WINDOWS\Prefetch\MRTSTUB.EXE-235FAC6D.pf --------- 51022 

 13.05.2011 19:04     C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf --------- 20432 

 13.05.2011 13:52     C:\WINDOWS\Prefetch\SWREG.CFXXE-17391962.pf --------- 9074 

 13.05.2011 13:52     C:\WINDOWS\Prefetch\GREP.CFXXE-350016A4.pf --------- 4338 

 13.05.2011 13:52     C:\WINDOWS\Prefetch\PEV.CFXXE-02C8A4D3.pf --------- 61214 

 13.05.2011 13:52     C:\WINDOWS\Prefetch\SED.CFXXE-3B4964C3.pf --------- 4778 

 13.05.2011 13:52     C:\WINDOWS\Prefetch\NIRCMD.CFXXE-05436116.pf --------- 16830 

 13.05.2011 13:42     C:\WINDOWS\Prefetch\SWREG.EXE-3560BE42.pf --------- 33078 

 13.05.2011 13:42     C:\WINDOWS\Prefetch\FIREFOX.EXE-01E072AE.pf --------- 8368 

 13.05.2011 13:42     C:\WINDOWS\Prefetch\IEXPLORE.EXE-12915967.pf --------- 15986 

 13.05.2011 13:28     C:\WINDOWS\Prefetch\CCSVCHST.EXE-09AD2C89.pf --------- 102504 

 11.05.2011 17:06     C:\WINDOWS\Prefetch\HPQGPC01.EXE-2133B2E0.pf --------- 23098 

 11.05.2011 17:06     C:\WINDOWS\Prefetch\HPQBAM08.EXE-24BEEEF6.pf --------- 18268 

 11.05.2011 17:06     C:\WINDOWS\Prefetch\HPQSTE08.EXE-1E91DFAA.pf --------- 28992 

 11.05.2011 17:06     C:\WINDOWS\Prefetch\HPRBLOG.EXE-20CD9551.pf --------- 30912 

----------------------------------------
 

 

C:\WINDOWS\Tasks
 

 16.05.2011 11:00     C:\WINDOWS\Tasks\SA.DAT --------- 6 

 11.05.2011 16:20     C:\WINDOWS\Tasks\AppleSoftwareUpdate.job --------- 276 

 28.02.2006 03:00     C:\WINDOWS\Tasks\desktop.ini --------- 65 

----------------------------------------
 

 

C:\WINDOWS\Temp
 

 16.05.2011 11:14     C:\WINDOWS\Temp\hpqddsvc.log --------- 8636 

 16.05.2011 11:01     C:\WINDOWS\Temp\Perflib_Perfdata_90c.dat --------- 16384 

 16.05.2011 11:00     C:\WINDOWS\Temp\dw.log --------- 158 

 16.05.2011 11:00     C:\WINDOWS\Temp\Perflib_Perfdata_864.dat --------- 16384 

 16.05.2011 11:00     C:\WINDOWS\Temp\WGAErrLog.txt --------- 483 

 16.05.2011 10:06     C:\WINDOWS\Temp\Perflib_Perfdata_6a0.dat --------- 16384 

 16.05.2011 10:05     C:\WINDOWS\Temp\PDFC --------- 0 

 16.05.2011 10:05     C:\WINDOWS\Temp\Perflib_Perfdata_228.dat --------- 16384 

----------------------------------------
 

 

C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp
 

 16.05.2011 11:02      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\WPDNSE --------- 0 

 16.05.2011 11:00      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Perflib_Perfdata_2c0.dat --------- 16384 

 16.05.2011 10:58      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\a0017.tmp --------- 2460632 

 16.05.2011 10:58      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\a0018.tmp --------- 2460632 

 16.05.2011 10:09      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\dw.log --------- 65 

 16.05.2011 10:07      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\PDFC --------- 0 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Perflib_Perfdata_86c.dat --------- 16384 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Turkish.bin --------- 22263 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Norwegian.bin --------- 21975 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Hebrew.bin --------- 19564 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Hungarian.bin --------- 26094 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Finnish.bin --------- 22868 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Czech.bin --------- 24321 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Portuguese(Brazil).bin --------- 25082 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Arabic.bin --------- 20991 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Greek.bin --------- 25093 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\SimChin.bin --------- 16420 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Thai.bin --------- 21987 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Polish.bin --------- 24232 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Portuguese.bin --------- 26271 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\English.bin --------- 21944 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\SWEDISH.bin --------- 24093 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Italian.bin --------- 27421 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Russian.bin --------- 26136 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\German.bin --------- 25764 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Spanish.bin --------- 27764 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\French.bin --------- 27245 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Dutch.bin --------- 25758 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\TradChin.bin --------- 16962 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Danish.bin --------- 22794 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Korean.bin --------- 20145 

 16.05.2011 10:05      C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Japanese.bin --------- 24310 

----------------------------------------
 

 

C:\Programme
 

 16.05.2011 10:18     C:\Programme\Mozilla Firefox --------- 0 

 13.05.2011 13:45     C:\Programme\Gemeinsame Dateien --------- 0 

 13.05.2011 13:30     C:\Programme\Microsoft SQL Server --------- 0 

 13.05.2011 13:30     C:\Programme\Internet Explorer --------- 0 

 13.05.2011 11:18     C:\Programme\JDownloader --------- 0 

 11.05.2011 09:09     C:\Programme\Malwarebytes' Anti-Malware --------- 0 

 19.04.2011 11:30     C:\Programme\Western Digital --------- 0 

 15.11.2010 13:31     C:\Programme\Skype --------- 0 

 25.10.2010 15:11     C:\Programme\WhiteSmoke --------- 0 

 30.08.2010 10:01     C:\Programme\SoulseekNS --------- 0 

 01.08.2010 21:38     C:\Programme\ElsterFormular --------- 0 

 28.06.2010 19:48     C:\Programme\McAfee Security Scan --------- 0 

 14.06.2010 21:41     C:\Programme\ProtectDisc Driver Installer --------- 0 

 14.06.2010 21:39     C:\Programme\DATA BECKER --------- 0 

 19.03.2010 15:42     C:\Programme\NortonInstaller --------- 0 

 19.03.2010 15:41     C:\Programme\Symantec --------- 0 

 10.02.2010 12:52     C:\Programme\Spesoft Audio Converter --------- 0 

 29.11.2009 13:59     C:\Programme\InstallShield Installation Information --------- 0 

 29.11.2009 13:59     C:\Programme\Atari --------- 0 

 29.11.2009 13:29     C:\Programme\Java --------- 0 

 24.02.2009 14:36     C:\Programme\VideoLAN --------- 0 

 16.02.2009 10:03     C:\Programme\Common Files --------- 0 

 16.02.2009 09:15     C:\Programme\iTunes --------- 0 

 16.02.2009 09:15     C:\Programme\iPod --------- 0 

 16.02.2009 09:14     C:\Programme\Bonjour --------- 0 

 16.02.2009 09:14     C:\Programme\QuickTime --------- 0 

 16.02.2009 09:14     C:\Programme\Apple Software Update --------- 0 

 11.02.2009 13:13     C:\Programme\Nero --------- 0 

 11.02.2009 13:12     C:\Programme\WinRAR --------- 0 

 31.10.2008 23:09     C:\Programme\xerox --------- 0 

 31.10.2008 23:09     C:\Programme\WindowsUpdate --------- 0 

 31.10.2008 23:09     C:\Programme\Uninstall Information --------- 0 

 31.10.2008 23:09     C:\Programme\Roxio --------- 0 

 31.10.2008 23:09     C:\Programme\Realtek --------- 0 

 31.10.2008 23:09     C:\Programme\PDF Complete --------- 0 

 31.10.2008 23:09     C:\Programme\Online Services --------- 0 

 31.10.2008 23:09     C:\Programme\Online-Dienste --------- 0 

 31.10.2008 23:09     C:\Programme\MSXML 6.0 --------- 0 

 31.10.2008 23:09     C:\Programme\MSN --------- 0 

 31.10.2008 23:09     C:\Programme\MSN Gaming Zone --------- 0 

 31.10.2008 23:09     C:\Programme\Microsoft Works --------- 0 

 31.10.2008 23:09     C:\Programme\Microsoft.NET --------- 0 

 31.10.2008 23:09     C:\Programme\Microsoft Visual Studio --------- 0 

 31.10.2008 23:09     C:\Programme\Microsoft Small Business --------- 0 

 31.10.2008 23:09     C:\Programme\microsoft frontpage --------- 0 

 31.10.2008 23:09     C:\Programme\Microsoft Office --------- 0 

 31.10.2008 23:09     C:\Programme\InterVideo --------- 0 

 31.10.2008 23:09     C:\Programme\Intel --------- 0 

 31.10.2008 23:09     C:\Programme\HPQ --------- 0 

 31.10.2008 23:09     C:\Programme\Hewlett-Packard Company --------- 0 

 31.10.2008 23:09     C:\Programme\Hewlett-Packard --------- 0 

 31.10.2008 23:09     C:\Programme\ComPlus Applications --------- 0 

 31.10.2008 23:09     C:\Programme\Broadcom --------- 0 

 31.10.2008 23:09     C:\Programme\Activation Assistant for the 2007 Microsoft Office suites --------- 0 

 31.10.2008 16:52     C:\Programme\Norton Internet Security --------- 0 

 31.10.2008 16:52     C:\Programme\Windows Sidebar --------- 0 

 31.10.2008 16:44     C:\Programme\HP --------- 0 

 31.10.2008 16:39     C:\Programme\Adobe --------- 0 

 31.10.2008 15:04     C:\Programme\Messenger --------- 0 

 31.10.2008 15:03     C:\Programme\MSXML 4.0 --------- 0 

 31.10.2008 15:00     C:\Programme\Windows Media Connect 2 --------- 0 

 31.10.2008 15:00     C:\Programme\Windows Media Player --------- 0 

 31.10.2008 14:45     C:\Programme\Movie Maker --------- 0 

 31.10.2008 14:44     C:\Programme\ATI Technologies --------- 0 

 31.10.2008 14:43     C:\Programme\NetMeeting --------- 0 

 31.10.2008 14:43     C:\Programme\Windows NT --------- 0 

 31.10.2008 14:43     C:\Programme\Outlook Express --------- 0 

 31.10.2008 14:17     C:\Programme\Programmverknüpfungen --------- 0 

----------------------------------------
 

 

C:\Dokumente und Einstellungen\All Users\.. 
 

Default User    

NetworkService    

Administrator    

LocalService    

All Users    

----------------------------------------
 

 

C:\WINDOWS\system32\drivers\etc\hosts
 

127.0.0.1       localhost
 

----------------------------------------
 

 
 

Abbildname                  PID Sitzungsname      Sitz.-Nr. Speichernutzung

========================= ===== ================ ========== ===============

System Idle Process           0 Console                   0            28 K

System                        4 Console                   0           252 K

smss.exe                    768 Console                   0           428 K

csrss.exe                   828 Console                   0         2.300 K

winlogon.exe                856 Console                   0         3.584 K

services.exe                904 Console                   0         4.888 K

lsass.exe                   916 Console                   0         1.672 K

ati2evxx.exe               1084 Console                   0         3.520 K

svchost.exe                1112 Console                   0         4.980 K

svchost.exe                1160 Console                   0         4.500 K

svchost.exe                1272 Console                   0        25.272 K

svchost.exe                1392 Console                   0         3.616 K

svchost.exe                1468 Console                   0         4.388 K

ati2evxx.exe               1568 Console                   0         3.956 K

spoolsv.exe                1624 Console                   0         5.508 K

explorer.exe                212 Console                   0        58.516 K

RTHDCPL.exe                 468 Console                   0        16.120 K

Scheduler.exe               532 Console                   0         6.720 K

MOM.exe                     596 Console                   0         3.144 K

hpwuSchd2.exe               644 Console                   0         2.264 K

iTunesHelper.exe            676 Console                   0         9.436 K

LightScribeControlPanel.e   688 Console                   0         7.608 K

Skype.exe                   704 Console                   0        70.328 K

ctfmon.exe                  508 Console                   0         4.552 K

CCC.exe                     792 Console                   0         5.656 K

AppleMobileDeviceService.  1724 Console                   0         2.392 K

BcmSqlStartupSvc.exe       1780 Console                   0         2.224 K

mDNSResponder.exe          1832 Console                   0         3.604 K

DBService.exe              1896 Console                   0         2.420 K

svchost.exe                2052 Console                   0         5.852 K

iviRegMgr.exe              2136 Console                   0         2.212 K

jqs.exe                    2148 Console                   0         1.396 K

LSSrvc.exe                 2204 Console                   0         2.640 K

svchost.exe                2228 Console                   0         2.896 K

ccsvchst.exe               2316 Console                   0         9.944 K

pdfsvc.exe                 2384 Console                   0         3.528 K

svchost.exe                2528 Console                   0         2.868 K

sqlwriter.exe              2572 Console                   0         3.528 K

svchost.exe                2660 Console                   0         4.744 K

WDDMService.exe            2744 Console                   0         5.084 K

ccsvchst.exe               3220 Console                   0         5.768 K

iPodService.exe            3260 Console                   0         4.052 K

wmiapsrv.exe               4028 Console                   0         4.428 K

alg.exe                    2560 Console                   0         3.536 K

firefox.exe                2156 Console                   0        87.576 K

plugin-container.exe       2348 Console                   0        15.820 K

wmiprvse.exe               3124 Console                   0         4.888 K

wmiprvse.exe               3064 Console                   0         6.084 K

cmd.exe                    1052 Console                   0         2.196 K

tasklist.exe               2116 Console                   0         5.152 K
 

 

***** Ende des Scans 16.05.2011 um 11:22:10,06 ***